For the modern software factory, security is paramount. Not a week goes by without news stories informing us of some hack, compromise, or breach to an application or app environment. Today, there is a lot of talk about ‘DevSecOps’, but its focus is primarily concerned with application or app environment security. Though this is important and warranted, what remains unaccounted for and undiscussed is securing the actual automation mechanics of a continuous delivery pipeline.
Are you struggling to ensure the security of your continuous delivery pipeline? As technology advances so do the risks – learn how to gain control and mitigate vulnerabilities.Watch View all Resources
To ship software faster, release teams often grant credentials and privileges to the automation mechanics responsible for deploying applications and environment provisioning. Over time, ‘privilege creep’ leaves organizations vulnerable. The seriousness of this threat cannot be understated as the privileges required to install, configure and start/stop applications can be significant.
Indeed, by their very nature, automation mechanics, are intended to make aggressive changes in environments. Therefore, it is of the utmost importance the privileges used by these mechanics are secured.
CA Automic Release Automation combined with CA Privileged User Governance enables the enterprise to both control and govern the credentials and privileges used within the continuous delivery pipelines. Additionally, complete audit reporting provides transparency to what has become a black box.
CA Automic Release Automation with CA Privileged User Governance Provides
- Safe and secure continuous delivery (CD) pipelines
- Complete visibility into and reporting of the credentials and privileges used in continuous delivery pipelines
- JIT privileges with auto-changing passwords for CD automation mechanics
- Increased visibility and control into the who, what and where of app releases
- Reduced exposure malicious cyber attacks